package com.qf.shiro.config;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;


@Configuration
public class ShiroConfig {

    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition(){

        DefaultShiroFilterChainDefinition defaultShiroFilterChainDefinition = new DefaultShiroFilterChainDefinition();
        //无需登录即可访问
        defaultShiroFilterChainDefinition.addPathDefinition("/regist.html","anon");

        defaultShiroFilterChainDefinition.addPathDefinition("/user/register","anon");

        defaultShiroFilterChainDefinition.addPathDefinition("/b.html","authc");

         //defaultShiroFilterChainDefinition.addPathDefinition("/b.html","authc, roles[admin] ");

        // url需要当前用户拥有document:read权限才可以访问
        defaultShiroFilterChainDefinition.addPathDefinition("/c.html","perms[document:read]");
        // url无需登录即可访问
        defaultShiroFilterChainDefinition.addPathDefinition("/d.html","anon");

        defaultShiroFilterChainDefinition.addPathDefinition("/error","anon");

        defaultShiroFilterChainDefinition.addPathDefinition("/user/login","anon");

        defaultShiroFilterChainDefinition.addPathDefinition("/home.html","user");
        //默认所有都拦截 ，个别的可以放在上面卸annon
       defaultShiroFilterChainDefinition.addPathDefinition("/**","authc");

        return defaultShiroFilterChainDefinition;
    }
    @Bean
    public Realm realm(){
        CustomRealm customRealm = new CustomRealm();

        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();

        hashedCredentialsMatcher.setHashAlgorithmName("md5");

        hashedCredentialsMatcher.setHashIterations(1024);

        customRealm.setCredentialsMatcher(hashedCredentialsMatcher);

        return customRealm;
    }
}
